Setting up a personal site on local hardware has been on my bucket list for along time. I finally bit he bullet and got a basic website running with apache on a Ubuntu based linux distro. I bought a domain name, linked it up to my l ip got SSL via lets encrypt for https and added some header rules until security headers and Mozilla observatory gave it a perfect score.
Am I basically in the clear? What more do I need to do to protect my site and local network? I’m so scared of hackers and shit I do not want to be an easy target.
I would like to make a page about the hardware its running on since I intend to have it be entirely ran off solar power like solar.lowtechmagazine and wanted to share technical specifics. But I heard somewhere that revealing the internal state of your server is a bad idea since it can make exploits easier to find. Am I being stupid for wanting to share details like computer model and software running it?
Keep it segregated from your internal network, no password auth, or better yet, install a privatenet client (Tailscale, Zerotier…etc) and don’t open SSH ports at all, consider using a Cloudflare Tunnel or similar…that’s a basic start.
Honestly, if you’re serving a static site, just deploy it on Digitalocean Apps or R2 for free and skip all the worry and get all the Cloudflare protection built-in.
Cloudflared is such a nice feature, I have seperate tunnels for different services hosted on the one machine.